As software vendors, corporate entities, and government agencies increasingly market and deploy their applications around the globe, securing the sensitive intellectual property resident in these applications becomes critical. Organizations need to ensure that software programs are executed the way they are intended and keep the intellectual property resident within them safe from piracy, theft, and tampering, regardless of where these applications are located. While security solutions exist to protect the way computers process and store sensitive and classified data, they may not be designed to protect the actual operation of application code and algorithms within computing environments. As a result, critical assets such as nuclear power plants, communication systems, voting systems, defense systems, power grids, air traffic control systems, medical equipment, and financial systems may not be adequately protected. Moreover, the hacker and pirating communities continue to hone their reverse engineering skills and develop tools such as disassemblers, code tracers, rootkits, and software debugging products to determine how a piece of software works. These techniques have made software piracy, tampering, and intellectual property theft increasingly serious problems.
Traditional software security technologies can be grouped into three categories: host-based, software vulnerability scanning, and copy protection. Host-based solutions treat an application as a “black box” and attempt to safeguard the host environment by analyzing network traffic and application transactions, or by detecting malicious behavior on the host operating system. Software vulnerability scanning solutions analyze application source code to discover vulnerabilities that have been introduced during the development process. These tools are valuable for mitigating security vulnerabilities that are introduced during the software development process, but they do not harden the application before deployment and are not designed to protect applications from reverse engineering. There are myriad copy protection technologies that leverage either dongles or universal serial bus (USB) keys to bind a user license to an application, wrap encryption around the software itself, or utilize code obfuscation to protect applications. Dongle-based systems provide an increased level of security by protecting security keys on an external device. However, the cracking community now targets its attacks at this interface and has successfully defeated these systems using device emulators. Other protection technologies encrypt the application software to make reverse engineering difficult, but may require source code modifications or the application to be decrypted completely in memory, leaving it vulnerable to an attack. In addition, many of these approaches do not monitor and detect unauthorized access to software during execution. Code obfuscation helps to prevent reverse engineering but must be introduced during the software development process and requires extensive customization and ongoing engineering support. 
There is a need in the art, then, to better address piracy, theft and tampering threats without slowing down the software development process and delaying product releases, and to provide a simpler and more comprehensive approach to application security.